I have just upgraded to Java 1.6.0_27 (from 1.6_06),IIS 7.0 (from IIS 6)and Weblogic 10.3.5(From 9.1)
I am getting session.getAttribute(login) as null in my servlet.I tried to find out the reason for session null and the reason seemed to be -there is no cookie jsessionid in any of the httprequest.

I saw via a tool fiddler that the http request is not having the cookie jsessionID.
It seems the browser is not reading the cookie .
In the http response ,I do see a jsessionId but it is not carried over to the next subsequent request.It is lost or it doesnt have permission to read the Cookie.
Due to this ,my session is null everytime and I dont get session variables in my servlets.

Is it some JVM permission issue or some other Java issue I am not able to figure.It doesnt seem to be a server issue(IIs or Weblogic)
I have checked ,Cookies are enabled on my browser IE 8.

I saw one thing in the http response
when setting cookie it said httponly as one of the parameters.Does that causes any issue?